﻿using Abp.Web.Security.AntiForgery;
using Microsoft.AspNetCore.Mvc;

namespace AbpProjectTemplate.Web.Controllers
{
    /// <summary>
    /// CSRF/XSRF
    /// </summary>
    public class AntiForgeryController : AppApiControllerBase
    {
        private readonly IAbpAntiForgeryManager _antiForgeryManager;

        public AntiForgeryController(IAbpAntiForgeryManager antiForgeryManager)
        {
            _antiForgeryManager = antiForgeryManager;
        }

        [HttpPost]
        public dynamic GetToken()
        {
            return new
            {
                TokenHeaderName = this._antiForgeryManager.Configuration.TokenHeaderName,
                Token = this._antiForgeryManager.GenerateToken()
            };
        }
    }
}
